Data privacy statement
The protection of your privacy is very important to us. We therefore proceed according to the statutory regulations of the European and German data privacy legislation in all operations of data processing (e.g. collecting, processing and transmission).
The following statement provides you with an overview regarding which of your data you give us when using the Apollodor app, and which data is required when installing the Apollodor app on your Android device (e.g. compatible Android smartphone or Android tablet) and/or your iOS device (e.g. iPhone, iPod or iPad), how this data is used and passed on, how you can obtain information about the information given to us, and what security measures we take to protect your data.
1. Who is your contact person (controller) for data privacy concerns?
The controller as defined in the data privacy regulations for all data processing procedures carried out via our websites is:
Vollradser Allee 45
email address: email@example.com
We have not appointed a data privacy officer as the statutory prerequisites for an appointment do not exist in our company.
Please address your enquiries on the topic of data privacy and the assertion of the rights of data subjects (cf. below) to the above address.
2. Which data do we need from you to operate the Apollodor app? Which data is collected and stored during use of the Apollodor app?
Personal data is any information that refers to an identified or identifiable natural person (“data subject”), such as, e.g. your name, your address, your phone number and your IP address.
Basically, we only collect and use our users' personal data when this is necessary in order to provide a functioning app and to provide our contents and services. Generally speaking, the collection and use of our users' personal data is only carried out after obtaining the user's consent. An exception applies in such cases, where obtaining prior consent is not possible for practical reasons, and where the processing of data is permitted by statutory regulations.
a. Download and installation of the Apollodor app
(1) Via Google’s Play Store (Google-android compatible terminal devices)
To use the Apollodor app on your Android device (e.g. Android smartphone or Android tablet),downloading the Apollodor app from Google's Play Store and installing it on your device is necessary. To do this, you must be logged into the Google Play Store with your Android user account by entering your username (your email address) and password.
(2) Via the App Store or iTunes
To use the app on your iOS device (e.g. iPhone, iPod or iPad), downloading the app from Apple's App Store (for Mac: via iTunes) and installing it on your device is necessary. To do this, you must be logged into the App Store with your Apple user account, entering your Apple ID (usually your email address) and password.
b. Access rights of the Apollodor app to data on the terminal device
For Google Android compatible devices, you will need to confirm the following access permissions when you install the Apollodor app from the Google Play Store:
- Internet connection
- Access to data storage
If you do not wish to accept these access rights, please refrain from installing and using the Apollodor app.
When using the Apollodor app, there are no access rights beyond those mentioned above:
When you confirm the access authorisations and accesses during or after the installation, you hereby provide us your consent to these accesses on your terminal device. Thus, the legal basis for processing the data is Art. 6 par. 1 lit. a GDPR. The purpose of data processing via certain access rights to your terminal device is the technical operation and use of the Apollodor app, with all features included.
c. Usage data
The following data is recorded when using our websites, whereby storage ensues solely for internal system-related and statistical purposes; so-called usage data:
Downloads and logging of which charts you have downloaded
The data is also stored together with the IP address in the log files of our system.
The temporary storage of the IP address is required by the system, in order to enable the use of the app. For this purpose, the user’s IP address must be stored for the duration of the session.
The storage in log files is carried out to ensure the functioning of the app. In addition, the data is used to optimise the website and ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place in this context.
Our legitimate interest in data processing as according to Art. 6 par.1 lit. f GDPR also lies in these purposes.
The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.
When the data is stored in log files, this is the case after one month at the latest. Storage beyond this time frame is possible. In this case, the users' IP addresses are deleted or modified so that allocating them to the accessing clients is no longer possible.
The recording of data to use the app and the storage of data in log files is essential for the operation of the website. Consequently, the user has no option of contesting.
d. Data stored on terminal device when using the Apollodor app
When using the Apollodor app, the following data is stored locally on your terminal device:
- Chart files (PNG / PDF)
- Chart lists
Legal basis for storage of this data is Art. 6 par. 1 lit. f GDPR. We store this data for the purpose of making the use and product range of the Apollodor app more attractive. This also includes our legitimate interest in data processing pursuant to Art. 6 par. 1 lit. f GDPR.
When installing the app, the user must register by providing personal data. For this, the data is entered in an entry mask, transmitted to us and stored. The data is not forwarded to third parties. The following data is processed in the course of the registration process:
- Email address
At the time of registration the following data is also stored:
- Logging of the chart downloads
- Device ID
- Operating system and version
- Terminal device (for securing access control)
In order to make our service more customer-friendly, we store successful app logins with the device ID. In this way, you no longer need to log in again.
Legal basis for processing the data, in the case of the user’s consent is Art. 6 par. 1 lit. a GDPR.
When registration serves the fulfilment of a contract, of which the user is a contractual party, or the execution of pre-contractual measures, an additional legal basis for processing the data is provided pursuant to Art. 6 par. 1 lit. b GDPR.
User registration is necessary for making certain content and services available in our app.
The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is the case when the contract with you ends, and no contractual or legal storage obligations exist.
Permanent obligations require the storage of the personal data during the contractual term. Moreover, warranty periods must be complied with as well as the storage of data for tax purposes. Which storage deadlines are to be adhered to hereby cannot be stipulated globally but must be determined for the respectively concluded contracts and contractual parties in each individual case.
When the data is required to fulfil a contract or to execute pre-contractual measures, a premature erasure of the data is only possible, if it is not contrary to contractual or statutory obligations.
f. IP Address Tracking
Pursuant to our contractual basis, only you are entitled to use your account, and you cannot transfer the right to use your account to third parties. When we have reason to suspect that third parties have illegally obtained access to your account, we will track and evaluate the IP addresses used to access your account.
The legal basis for this is Art. 6 par. 1 lit. f GDPR, as the contractual use of your account is in the legitimate interest of both parties.
3. What security measures have we taken to protect your data?
We have taken a variety of security measures to protect personal information appropriately and adequately.
Our databases are protected by physical and technical measures, as well as procedural measures that restrict access to the information to specially authorised persons in compliance with this data privacy statement. Only employees who require the information to complete a special task can obtain access to personal information. Our staff are trained regarding security and data privacy practices.
We use the standardised SSL encryption technology when collecting and transmitting data via our internet pages. Personal data is transmitted, within the context of the ordering process, via SSL encryption.
4. Advertising by email (e.g. newsletters)
Our website offers the possibility to subscribe to a free newsletter. Thereby, when registering for the newsletter, the data from the entry mask is transmitted to us.
- Email address
- Name (optional)
We obtain your consent for the processing of data during the login process and refer to this data privacy statement.
No data is forwarded to third parties in connection with the data processing for the despatch of newsletters. The data is exclusively used for the despatch of the newsletters.
The legal basis for processing the data after registration for the newsletter, with the existence of the user’s consent, is Art. 6 par. 1 lit. a GDPR.
The collection of the user’s email address is used to send the newsletter.
More information on our email newsletter can be found on our website. There you can also view the data privacy provisions relating to the dispatch of the email newsletter
5. Rights of data subjects
If personal data relating to you is processed, you are a data subject as defined in the GDPR and you are entitled to the following rights towards the controller:
Information, rectification, restriction of processing and erasure
You have the right at any time to obtain information free of charge about any personal data we have stored about you, about the origin and recipient, as well as the purpose of data processing via our websites. In addition, you have the right to rectification, erasure and restriction of the processing of your personal data, where the statutory provisions exist.
Right to data portability
You have the right to receive the personal data relating to you that you have made available to us as the responsible office in a structured, commonly used and machine-readable format. We can satisfy this right by providing a csv-export of the customer data processed relating to you.
Right to information
When you have asserted your right to rectification, deletion or restriction of processing to the responsible office, this office is obliged to inform all recipients, to whom the personal data relating to you was disclosed, about this rectification or deletion of the data or the restriction of processing, unless this proves to be impossible or involves an unreasonable expense or effort.
You have the right vis-à-vis the responsible office to be informed about these recipients.
Right to object
For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data relating to you that is carried out pursuant to Art. 6 par. 1 lit. e or lit. f GDPR: this shall also apply to any profiling that is supported by these provisions.
The controller no longer processes the personal data relating to you, unless they can prove compelling legitimate reasons for the processing that override your own interests, rights and liberties, or when the processing serves the assertion, exercise or defence of legal claims.
If the personal data relating to you is processed in order to operate direct advertising, you have the right to object to the processing of the personal data relating to you for the purpose of such advertising at any time. This also includes profiling, when this is associated with such direct advertising.
If you object to the processing for direct advertising purposes, the personal data relating to you will no longer be processed for these purposes.
You have the possibility, in connection with the use of services of the information society – irrespective of the Directive 2002/58/EC – to exercise your right to object by means of automatic processes with which technical specifications are used.
Revocability of data privacy consent declarations
In addition, you may revoke the consents that you have given us with effect to the future at any time, at the contact details stated above.
Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular, in the member state of your place of residence, your place of work or the place of alleged infringement, if you consider that the processing of the personal data relating to you infringes the EU general data privacy regulation.
The supervisory authority, with which the complaint has been lodged, informs the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
6. Changes to this data privacy statement
We reserve the right to change this data privacy statement when the occasion arises and without prior notice. Please therefore consult this page regularly to find out about possible changes to this data privacy statement.